November 29, 2006

Apple releases Security Update 2006-007

I am posting this for my viewers who use Apple's Mac operating systems, the percentage of which is not declining ;-)

Apple released Security Update 2006-007 in various versions. The update is available via Software Update and also as standalone installers.

Security Update 2006-007 is recommended for all users and improves the security of the following components:

- AirPort
- ATS
- CFNetwork
- Finder
- Font Book
- Font Importer
- Installer
- OpenSSL
- PHP
- PPP
- Samba
- Security Framework
- VPN
- WebKit
- gnuzip

About the security content of Security Update 2006-007:
http://docs.info.apple.com/article.html?artnum=304829

Standalone Installers:
. Security Update 2006-007 (10.3.9 Client): Security Update 2006-007
is recommended for all users (33MB)
http://www.apple.com/support/downloads/securityupdate20060071039client.html

. Security Update 2006-007 (10.3.9 Server): Security Update 2006-007
is recommended for all servers (46MB)
http://www.apple.com/support/downloads/securityupdate20060071039server.html

. Security Update 2006-007 (10.4.8 Client Intel): Security Update
2006-007 is recommended for all users (23MB)
http://www.apple.com/support/downloads/securityupdate20060071048clientintel.html

. Security Update 2006-007 (10.4.8 Client PPC): Security Update
2006-007 is recommended for all users (11MB)
http://www.apple.com/support/downloads/securityupdate20060071048clientppc.html

. Security Update 2006-007 (10.4.8 Server PPC): Security Update
2006-007 is recommended for all servers (12MB)
http://www.apple.com/support/downloads/securityupdate20060071048serverppc.html

. Security Update 2006-007 (10.4.8 Server Universal): Security Update
2006-007 is recommended for all servers (25MB)
http://www.apple.com/support/downloads/securityupdate20060071048serveruniversal.html

Posted by Wiz at 6:20 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Ad-Aware SE Definitions Updated on 11/27/2006

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated. Users of the free version should check for and install the new definitions manually.

Current Definition File:
SE1R135 27.11.2006

Detections Removed:
SpyNoMore has been removed because the probation time has expired without further incident.

Updated definitions:
=====================
AdBlaster +2
Adware.Adhelper +5
Adware.BHO(generic) +3
Adware.NewWeb +2
Adware.Searchcolours +2
Lop +4
PurityScan +3
SpyAgent +2
TVMedia
Win32.Backdoor.Agent +6
Win32.Backdoor.PcClient
Win32.Backdoor.SDBot
Win32.Bagle.B
Win32.Dialer.Trojan +3
Win32.Generic.PWS +31
Win32.Trojan.Agent +9
Win32.Trojan.Downloader +25
Win32.Trojan.Klone
Win32.Trojan.MatrixHasYou +11
Win32.Trojan.Qhost +3
Win32.Trojan.SDBot
Win32.Trojan.Small +2
Win32.Trojan.Spambot +7
Win32.Trojan.Spy +2
Win32.Trojan.StartPage
Win32.TrojanClicker
Win32.TrojanDownloader.Agent +9
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Small +2
Win32.TrojanDownloader.VB +3
Win32.Trojandownloader.Zlob +1578
Win32.TrojanDropper +3
Win32.TrojanProxy.Agent.dl +3
Win32.Trojan-PSW.Lineage +18
Win32.TrojanSpy.Banker +25
Win32.Worm.Warezov +5
Win32.Worm.Viking +7
Virtumonde +4
Zango

MD5 checksum is c0f5033fa432381818476a7b39a15684
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

See all security program update notices in this catagory

Posted by Wiz at 6:04 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

November 25, 2006

Spybot S&D Definitions Updated on November 24, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-11-24 Updates

Adware
+ NSIS Media Extension + Zippy

Dialer
+ Carima Enterprises

Hijacker
+ CoolWWWSearch.008k + CoolWWWSearch.Aff.Winshow + CoolWWWSearch.Dreplace + CoolWWWSearch.Leftovers + CoolWWWSearch ++ GJeans30 + HotsearchBar + QuickNavigate

Malware
+ ClickConsulting + DeepDive + Dropper.ragger + ErrorSafe + ISearchTech.IstDownloader + RegiFast + Smitfraud-C. + SpySheriff + Vcodec.Intcodec + Winsoftware.WinAntiSpyware2006

PUPS
+ DriveCleaner 2006 + Zango

Spyware
+ Adware.IEPageHelper + ClientMan

Trojan
+ Adir.Wget + CoolWWWSearch.GonnaSearch (2) + Dadobra + Fraud.ProtectionBar + MovieLand ++ PSLister + Smitfraud-C. (5) + Win32.Delf.aml + XPreload + Zlob.FreeVideo.DVDCodec + Zlob.EliteCodec + Zlob.PornPassManager + Zlob.QualityCodec + Zlob.TrueCodec + Zlob.VidCodec (2) + Zlob.VideoKeyCodec

Total: 334918 fingerprints in 53285 rules for 2474 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Posted by Wiz at 1:22 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

November 21, 2006

Ad-Aware SE Definitions Updated on 11/20/2006

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated on November 20, 2006. Users of the free version should check for and install the new definitions manually.

Current Definition File:
SE1R129 20.11.2006

Updated Definitions:
========================
Adware +4
Adware.Adhelper +4
Adware.BHO(generic)
Adware.CasClient +6
Adware.DesktopMedia
Adware.DollarRevenue +7
Adware.Henbang
Adware.IEHlpr +6
Adware.NewWeb +7
Adware.VB +6
Adware.ZenoSearch +4
BookedSpace +3
CnsMin +3
Dialer +2
Lop +3
PurityScan +4
Softomate Toolbar
SpywareSheriff +2
Virtumonde
VirusBurst +5
Win32.Backdoor.Agent +6
Win32.Backdoor.RBot +3
Win32.Backdoor.SDBot
Win32.Dialer.Trojan
Win32.Generic.PWS +2
Win32.Trojan.Agent +7
Win32.Trojan.Downloader +32
Win32.Trojan.Kolweb +4
Win32.Trojan.MatrixHasYou +14
Win32.Trojan.Mirc +4
Win32.Trojan.Spambot +6
Win32.Trojan.Spy
Win32.TrojanDownloader.Agent +7
Win32.TrojanDownloader.Delf +5
Win32.TrojanDownloader.Tibs
Win32.TrojanDropper
Win32.TrojanProxy.Agent.dl +5
Win32.Trojan-PSW.Lineage +2
Win32.Worm.Warezov +3

The MD5 checksum for the defs.ref file is 3ecee36bbddbecddd2fc0775e1f462c9
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

See all security program update notices in this catagory

Posted by Wiz at 1:36 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

November 18, 2006

Spybot S&D Definitions Updated on November 17, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-11-17 Updates

Adware
+ NSIS Media Extension + RooGoo

Dialer
+ Creazione + NetTechnology.Inc

Keylogger
+ AdvancedKeylogger

Malware
+ AdCom + Batty + Command Service (3) + DyFuCA.InternetOptimizer + Elitum.Elitebar.Pokapoka + Look2Me + Mailbot + MediaMotor (2) + Mirar + PSCastor + RazeSpyware + SaferSurfing + Smitfraud-C. (7) + Smitfraud-C.Deskbar + Smitfraud-C.Toolbar888 + Vcodec + WebQuick + ZenoSearch ++ Zlob.VidCodec (2)

PUPS
+ AntiverminsPro + Deskbar + MalwareWipe + YazzleSudoku + Zango

Spyware
+ eZula HotText

Trojan
+ BraveSentry + BugsPrey + Busky.Gen + Clicker.Small.Jf + CoolWWWSearch.GonnaSearch + Downloader.Small.Dgk + Kelvir + PassiveTerror + TagASaurus (2) + Tibs.vq + Win32.AdvertMen + Win32.Agent.hl + Win32.Lager.aq + Win32.Limar + Win32.Small.doh +
Win32.VB.aua + XPreload ++ Zlob.FreeVideo.DVDCodec ++ Zlob.IVideoCodec (2) + Zlob.MMediaCodec + Zlob.PornPassManager ++ Zlob.PowerCodec

Total: 333535 fingerprints in 52845 rules for 2445 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Posted by Wiz at 1:45 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

November 8, 2006

Wizcrafts Gets Honorable Mention on CastleCops, for MailWasher Pro Filters

My regular readers know that I use and promote the email screening program - MailWasher Pro. This inexpensive program screens incoming email for threats or spam, using a combination of blacklists, blocklists, user-reported known spam, "Bayesian" learning filters and best of all, user configurable filter rules. The user filters in MailWasher Pro allow for matching positive or negative words and Regular Expressions and are capable of detecting just about any known type of spam trick that exists, by employing the correct combinations of test conditions.

In my last Blog entry about MailWasher Pro I mentioned that I have developed custom filters to detect and delete image spam with garbage text. This spam is quite prevalent now and is entirely sent from tens of thousands of compromised home and office computers, that have been involuntarily drafted into BotNets, by spammers. Bothered by this senseless spam, mostly for investment stocks, I developed a group of filters that recognize variations of this crap and delete it automatically, without me ever having to see it. I have been fine-tuning my image spam filters to catch variations of the original coding, which is changing every week or two.

A few days ago I was reading new posts on the MailWasher Pro Forum at CastleCops, when I came across a topic where the OP (original poster) was looking for help to block these very image spam messages. I answered with a link to my online copy of my MailWasher Pro filters and made a few people very happy with the solution to this type of spam. Since spammers' techniques change frequently, I have been updating my filters to meet those changes, and posting news in a thread that now has my name in the Title. Additionally, I have been further honored by having my filters linked to in the MailWasher Wiki, on CastleCops.com.

If you are troubled by spam, whether in words or images, and are looking for a way to detect and delete it, without having to read it again, try MailWasher Pro. It is free to try for 30 days and only costs $37.00 USD to register, with free updates for life. You can learn more about MailWasher Pro here. There are links on that page to view my custom filters.

Try Firetrust Mailwasher® Pro

Posted by Wiz at 5:37 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

November 3, 2006

WinAntiVirusPro2006/2007 popup is indication of a malware infection

If you receive a popup message similar to this:

INTERNET SECURITY CENTER: "YOUR MACHINE MAY BE INFECTED BY THE BLOODHOUND VIRUS,"
advising you to download WinAntiVirusPro2006, or WinAntiVirusPro2007, you are already infected. The program is fraudulant and uses bogus detections to goad the gullible into purchasing it to remove the "infections" it claims to have found. See the Spyware Warrior Rogue Anti-Spyware list for more details about this bogus program.

WinAntiVirusPro2006/2007 is part of the infection that popped up the notice in the first place. While your computer may indeed be infected with viruses and/or spyware, that program will not remove them. Get an authentic anti virus program to remove real threats (see list below).

To remove this threat you should download and install a spyware removal program, like Spyware Doctor, or Spybot Search and Destroy. Search for and download all available updates, then scan for and fix any problems found. You may probably have to reboot and let the anti spyware program run again before the Windows Desktop loads, to finish the removal process, or even have to reboot into Safe Mode. These sleazeware infections do not let go easily.

If you try removing the WinAntiVirusPro2006/2007 infection with Spybot S & D, and it is unsuccessful in removing this or other threats from your PC, visit the Spybot Search & Destroy Malware Removal Forum for help.

Some Legitimate Anti Virus and Anti Spyware Programs:

PC Tools Spyware Doctor

Webroot Spy Sweeper

Kaspersky Anti Virus

Trend Micro PC-cillin Internet Security


If you lack an anti virus program and cannot afford to purcase one, Grisoft makes the excellent AVG Free anti virus program, that you can download.

Updated on April 7, 2007, to include WinAntiVirusPro2007 parasite in details.

Posted by Wiz at 11:53 AM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Blog Links

Sponsored Message

I recommend Malwarebytes to protect your computers and Android devices from malicious code attacks. Malwarebytes detects and blocks spyware, viruses and ransomware, as well as rootkits. It removes malware from an already infected device. Get an 18 month subscription to Malwarebytes here.

If you're a fan of Robert Jordan's novels, you can buy boxed sets of The Wheel Of Time, here.

As an Amazon and Google Associate, I earn commissions from qualifying purchases.

CIDR to IPv4 Address Range Utility Tool | IPAddressGuide
CIDR to IPv4 Conversion



Search


About the author
Wiz FeinbergWiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security. Wizcrafts Computer Services was established in 1996.

I produce this blog and website at my own expense. If you find this information valuable please consider making a donation via PayPal.

Follow @Wizcrafts on Twitter, where I post short updates on security issues, spam trends and things that just eat at my craw.

Follow Wizcrafts on Twitter

Malwarebytes' Anti-Malware is the most frequently recommended malware removal tool in malware removal forums, like Bleeping Computers. It is extremely effective for removing fake/rogue security alerts, Bots, Spyware and the most prevalent and current malware threats in the wild. Learn about Malwarebytes Anti-Malware.

MailWasher Pro is an effective spam filter that protects your desktop email client. Using a combination of blacklists and built-in and user configurable filters, MailWasher Pro recognizes and deletes spam before you download it. MailWasher Pro reveals the actual URL of any links in a message, which protects you from most Phishing scams. Try it free for 30 days.

Categories

Tag Cloud

Recent Posts

Popular Posts

Archives

Subscribe to this blog's feed
Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
Powered by Movable Type

back to top ^